Pesquisar no site de suporte

Evite golpes de suporte. Nunca pedimos que você ligue ou envie uma mensagem de texto para um número de telefone, ou compartilhe informações pessoais. Denuncie atividades suspeitas usando a opção “Denunciar abuso”.

Saiba mais

Esta discussão foi arquivada. Faça uma nova pergunta se precisa de ajuda.

Why does user_pref("capability.policy.default.Location.href", "allAccess"); no longer work in FireFox 4? How can I re-enable this feature?

  • 4 respostas
  • 15 têm este problema
  • 3 visualizações
  • Última resposta de Natorator

more options

On upgrading to FireFox 4 from 3.6.15, I noticed that my capability.policy.default items in the prefs.js file were no longer working (the custom site that I run locally needs access to this attribute, amongst others) - how can I go about returning this feature back on?

Example CAPS entry: user_pref("capability.policy.default.Location.href", "allAccess");

I've had to downgrade again to 3.6.15 until I can get this to work.

Tested on Windows XP (SP3), and using existing/new profiles in FF 4.0 and using prefs.js and user.js - nothing can get the Javascript code to read the location.href and getting an error generated in the error console. Also tested on Mac OS X 10.6.7 with FF 4.0 - still no luck getting capability.policies to work.

Please help...

On upgrading to FireFox 4 from 3.6.15, I noticed that my capability.policy.default items in the prefs.js file were no longer working (the custom site that I run locally needs access to this attribute, amongst others) - how can I go about returning this feature back on? Example CAPS entry: user_pref("capability.policy.default.Location.href", "allAccess"); I've had to downgrade again to 3.6.15 until I can get this to work. Tested on Windows XP (SP3), and using existing/new profiles in FF 4.0 and using prefs.js and user.js - nothing can get the Javascript code to read the location.href and getting an error generated in the error console. Also tested on Mac OS X 10.6.7 with FF 4.0 - still no luck getting capability.policies to work. Please help...

Alterado por damager em

Todas as respostas (4)

more options

Anyone, really? This would be a bug if you ask me and it doesn't work on two different operating systems. Does anyone have a way of disabling the Same Origin Policy, temporarily, for FF4 whilst this gets looked at/fixed?

On Google Chrome, --disable-web-security would be the equivalent.

more options

New information: On FireFox 3.6 if I remove the following line from prefs.js: user_pref("capability.policy.default.Location.href", "allAccess");

I get the following error:

Error: Permission denied for <http://<Redacted>> to get property Location.href Source File: http://<Redacted>/ Line: 1769 </p>

I get a slightly different error under FF4.0 - is there a different syntax now, as it is no longer showing "Location.href", but just "href" (and yes, I've tried removing Location. from the user_pref)...

Error: Permission denied to access property 'href' Source File: http://<Redacted</ Line: 1769 </p>

Alterado por damager em

more options

New information:

Also happens on Windows Vista (upgrading from FF 3.5 directly to 4.0) and Windows 7 (from FF 3.6 to 4.0).

more options

I've been beating my head against this problem for a few hours, and I finally solved it. I'd been trying to set a capability policy using the "magic" default policy, and nothing would work - I could disable properties and functions of the Window object, but not the Location object.

It turns out that if I set a custom policy name, and named the specific sites I wanted the policy to apply to, it works! The only hitch is that you'll have to build a whitelist of sites that are allowed to have this kind of access, instead of allowing any site to access it by default. I think this is prudent security policy, in order to prevent XSS attacks.

So, for your case, instead of this: user_pref("capability.policy.default.Location.href", "allAccess");

use this instead: user_pref("capability.policy.policynames", "hrefaccess"); user_pref("capability.policy.hrefaccess.sites", "http://example.com http://www.example.com"); user_pref("capability.policy.hrefaccess.Location.href", "allAccess");

I haven't tested this code, but a similar implementation for my problem did the trick. I hope this helps!